ANALYSIS: Crisis PR - Hack attacks test the brave new world of PR The dot-com dream recently turned into a nightmare when hackers launched an assault on some of the nation’s top Web sites. Although the site slowdowns were short-lived, the media fe

The dot-com world is a dangerous place. While most people may be more worried about hackers stealing credit card information than about being temporarily unable to access a Web site, when hackers impact a site’s business operations, it’s a serious matter.

The dot-com world is a dangerous place. While most people may be more worried about hackers stealing credit card information than about being temporarily unable to access a Web site, when hackers impact a site’s business operations, it’s a serious matter.

The dot-com world is a dangerous place. While most people may be

more worried about hackers stealing credit card information than about

being temporarily unable to access a Web site, when hackers impact a

site’s business operations, it’s a serious matter.

As the recent denial of service (DOS) attacks ripped through top

Internet sites such as, E-Trade, eBay and Yahoo!, most took a

similar approach in dealing with the press by responding to all calls,

emphasizing that no user data has been accessed and underscoring that

security has been improved. The sites reported minimal financial impact,

but the Yankee Group predicts these attacks will cost over dollars 1

billion. Moreover, the damage to the sites’ reputations - and that of

the Internet category - has yet to be determined, particularly since

improved security measures are no guarantee that something like this

won’t happen again.

For a site like eBay, this is nothing new. ’We gained a level of

expertise and maturity last year in June and August when our site went

down,’ says Kevin Pursglove, senior director of communications. When

eBay was hit, Pursglove met with the company’s VP of marketing and the

technology department to develop talking points. Like most other sites,

eBay tried to convey the message that its site was never completely

down, but that it was experiencing slower response times and the

engineering staff was working on fixing the problem. The company also

tried to respond to every media call that came in and gave site updates

every 20 minutes to explain the problem and its origin.

Damage control vs safety

Although was less prepared than eBay, it followed a similar


Since most employees had already left for the day when the site was

affected, CNN publicists got on the phone with the technology team to

discuss the problem, then fielded calls throughout the night.

ZDNet’s director of PR, Martha Papalia, says they’re always on the alert

for an attack. ’There weren’t people running around in a panic,’ says

Papalia. Although many senior executives were in a meeting when the site

was attacked, Papalia provided basic information to reporters until they

became available. ’From what I’ve seen and heard, (the companies) jumped

on it pretty quickly,’ says Gary Thompson, president and chief

reputation officer at Shandwick.

But even though ZDNet says it has responded to every press call it

received, Papalia says that they have tried not to give out too much

information in order to prevent copycat attacks. Excite@Home took the

same stance.

According to PR manager Kelly Distefano, the company tried to keep its

initial messages very simple. ’We didn’t want to draw attention or

provide any hackers with more motivation to go after us harder,’ she

says. ’I think if the media had never found out, we would have been

fine.’ However, she admits that some reporters were angry when

Excite@Home refused to disclose what added security measures they had


One thing companies did differ on was who they had in place to speak

with reporters. At eBay, other members of the PR staff screened calls

and placed them in order of importance before handing them off to


While some reporters may have been frustrated that they were only able

to speak to PR pros and not top executives or engineers, Pursglove

defends his tactic: ’This is what we’re paid to do. The engineering team

is working on the problem at hand.’ However, Papalia says that they made

a conscious decision to set aside some time for ZDNet’s CEO to speak

with the top-tier press.

Excite@Home decided not to provide any spokespeople for on-camera


’We want to control the messages that are out there and not put anybody

out there who may not be prepared for a question,’ Distefano says. While

Thompson doesn’t believe that it’s necessary to put the company CEO on

the phone with everyone, he says the chief exec should be front and

center, taking responsibility. A letter from the CEO e-mailed to

customers or posted on the site could have helped, he adds.

Some sites also chose not to respond to all calls. could not

be reached for comment, and calls to E-Trade went unanswered.

did not provide a spokesperson, citing SEC quiet period constraints,

although the company distributed a press release once it was fully

functional to explain the problem. While the majority of sites took a

reactive rather than proactive stance, Pursglove points out that there

wasn’t time to do more than respond to calls once the word got out.

Despite the fact that all of the PR pros PRWeek spoke with insisted that

this was a serious matter, some gave the impression that being the

victim of a cyberattack was almost a status symbol. ’From a PR

standpoint, it’s a definite plus to be in such good company when you’re

dealing with a crisis like this,’ says ZD’s Papalia. In fact, reporter Paul La Monica recently expressed jealousy that

his site hadn’t been hacked.

’You know you’ve truly arrived when someone takes the time to hack you,’

he quips.

Of the leading sites that weren’t hit, many still had a plan in place

for dealing with the issues. While Lycos is not doing interviews with

the press, it prepared a statement saying that it takes ’extensive

precautions to prevent security breaches’ and is confident that it has

protected sensitive customer information.

AltaVista director of communications David Emanuel says that after it

learned of the attacks on the other sites, the company discussed how to

handle a possible attack on its site. ’We’re on heightened awareness of

the issue,’ says Emanuel. The company also developed Frequently Asked

Questions (FAQ) about Internet attacks and posted them on the site.

The aftermath

For the sites that were attacked, most are returning to business as

usual as the calls from the media have dwindled. They have formed a

coalition to communicate with each other and get more information on how

and why these attacks happened, and were expecting another flurry of

press calls surrounding last week’s White House Internet summit, which

is meant to find ways to improve security.

But the one question left unanswered is how this will impact the

reputation of dot-coms over time. Pursglove says that he doesn’t believe

these incidents have caused lasting damage. ’This was an industry-wide

problem, and most users understand the Internet by now and understand

that this was caused by external factors,’ he says. That’s exactly the

problem, says Thompson, who thinks the reputation of the entire Internet

category has suffered: ’They can’t just say that this is a fact of


Whatever the case, many cautious Internet neophytes can’t distinguish

between an external attack and internal screw-ups. All they know is that

they can’t access their favorite sites, so they go elsewhere. While the

engineers patch the holes, the dot-com PR teams must patch up precious

relationships - in Internet time.

Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Already registered?
Sign in

Would you like to post a comment?

Please Sign in or register.